﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.SessionState;

namespace Presentation
{
	public class Global : System.Web.HttpApplication
	{

		void Application_Start( object sender, EventArgs e )
		{
			// Code that runs on application startup

		}

		void Application_End( object sender, EventArgs e )
		{
			//  Code that runs on application shutdown

		}

		void Application_Error( object sender, EventArgs e )
		{
			// Code that runs when an unhandled error occurs

		}

		void Session_Start( object sender, EventArgs e )
		{
			// Code that runs when a new session is started

		}

		void Session_End( object sender, EventArgs e )
		{
			// Code that runs when a session ends. 
			// Note: The Session_End event is raised only when the sessionstate mode
			// is set to InProc in the Web.config file. If session mode is set to StateServer 
			// or SQLServer, the event is not raised.

		}
		void Application_BeginRequest( object sender, EventArgs e )
		{

			string path = HttpContext.Current.Request.Url.AbsolutePath;

			if( HttpContext.Current.Request.ServerVariables["HTTPS"] == "on" )
			{
				if( SecurePath.IsSecure( path ) )
				{
					//do nothing
				}
				else
				{
					HttpContext.Current.Response.Redirect( HttpContext.Current.Request.Url.AbsoluteUri.Replace( "https://", "http://" ) );
					return;
				}
			}

			if( HttpContext.Current.Request.ServerVariables["HTTPS"] != "on" )
			{
				if( SecurePath.IsSecure( path ) )
				{
					//Redirect to https version
					HttpContext.Current.Response.Redirect( HttpContext.Current.Request.Url.AbsoluteUri.Replace( "http://", "https://" ) );
				}
			}

		}

	}
}
